
Need advice on preventing hacker attempt

Hello,

I'm not too sure this is the right forum section for this, since this is regarding managing the Web site hosted on a shared server.

A web site I manage was just hacked today by having the .htaccess file completely rewritten and the home page had a HUGE string of characters in PHP tags added to the end of the page. My client was pretty freaked out - I was kinda too!

Can the following prevent the .htaccess file from being accessed?

Code:

<Files .htaccess>
deny from all
</Files>

How does this happen in the first place and what can I do to prevent an outside source from modifying a file's code?

Well, if your server is running Apache then it should already have the following measure preventing that from happening in the httpd.conf file:

Code:

<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>

Before you edit your .htaccess file, just try to access the .htaccess file using your browser now. There's no way you should be able to do it.

Chances are, the site got hacked because either somebody obtained the username and password (i.e. login credentials) and FTP-ed their own stuff to the server, or they were able to upload malicious code (e.g. a file that contained server side code and could be executed by typing its name in the browser).

I've switched careers...
I'm NO LONGER a scientist,
but now a web developer...
awesome.
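
An added example, not part of either post above: the deny rules in this thread govern HTTP requests for .htaccess, while the changes reported here were writes to files on disk, so a baseline-and-compare check over the document root is one way to notice them. The function names, the watched extensions and the 200-character threshold are assumptions chosen for illustration.

```python
import hashlib
import re
from pathlib import Path

# A long unbroken run of base64-style characters; 200 is an assumed threshold.
LONG_BLOB = re.compile(rb"[A-Za-z0-9+/=]{200,}")
WATCHED = {".php", ".html", ".htm", ".js"}  # assumed set of served file types


def snapshot(docroot):
    """Map each watched file (and every .htaccess) to its SHA-256 digest."""
    root = Path(docroot)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and (path.name == ".htaccess" or path.suffix.lower() in WATCHED):
            digests[str(path.relative_to(root))] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare(baseline, current):
    """Return (added, removed, modified) relative paths between two snapshots."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    modified = sorted(p for p in baseline.keys() & current.keys() if baseline[p] != current[p])
    return added, removed, modified


def suspicious_php(docroot):
    """List files whose PHP blocks contain a long encoded-looking string."""
    root = Path(docroot)
    hits = []
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix.lower() not in WATCHED:
            continue
        data = path.read_bytes()
        # Look only inside <?php ... ?> (or an unterminated trailing block).
        for block in re.findall(rb"<\?(?:php)?(.*?)(?:\?>|\Z)", data, re.S):
            if LONG_BLOB.search(block):
                hits.append(str(path.relative_to(root)))
                break
    return hits


if __name__ == "__main__":
    import json
    import sys
    # Print a baseline for the given document root; store it off the web server.
    print(json.dumps(snapshot(sys.argv[1]), indent=2))
```

Keep the saved baseline somewhere the web account cannot write to, and rerun `compare` on a schedule and after every deployment.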